wez Thu Sep 26 08:12:28 2002 EDT
Modified files:
/php4/ext/standard file.c file.h
/php4/main streams.c user_streams.c
Log:
Fix segfault in wrapper error log mechanism when errors are logged on
second and subsequent events.
Implement very simple recursion protection for user streams written
like this:
class urlEncodeStream {
var $fp = NULL;
function stream_open($path, $mode, $options, &$opened_path)
{
$this->fp = fopen($path, $mode); // <-- this recurses infinitely
return is_resource($this->fp);
}
}
file_register_wrapper('urlencode', 'urlEncodeStream');
$fp = fopen('urlencode:///tmp/outputfile.txt', 'w');
Noticed by: Yasuo.
Index: php4/ext/standard/file.c
diff -u php4/ext/standard/file.c:1.262 php4/ext/standard/file.c:1.263
--- php4/ext/standard/file.c:1.262 Thu Sep 26 06:17:40 2002
+++ php4/ext/standard/file.c Thu Sep 26 08:12:26 2002
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: file.c,v 1.262 2002/09/26 10:17:40 wez Exp $ */
+/* $Id: file.c,v 1.263 2002/09/26 12:12:26 wez Exp $ */
/* Synced with php 3.0 revision 1.218 1999-06-16 [ssb] */
@@ -132,6 +132,7 @@
static void file_globals_ctor(php_file_globals *file_globals_p TSRMLS_DC)
{
FG(pclose_ret) = 0;
+ FG(user_stream_current_filename) = NULL;
FG(def_chunk_size) = PHP_SOCK_CHUNK_SIZE;
}
Index: php4/ext/standard/file.h
diff -u php4/ext/standard/file.h:1.67 php4/ext/standard/file.h:1.68
--- php4/ext/standard/file.h:1.67 Thu Sep 26 06:17:40 2002
+++ php4/ext/standard/file.h Thu Sep 26 08:12:27 2002
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: file.h,v 1.67 2002/09/26 10:17:40 wez Exp $ */
+/* $Id: file.h,v 1.68 2002/09/26 12:12:27 wez Exp $ */
/* Synced with php 3.0 revision 1.30 1999-06-16 [ssb] */
@@ -115,6 +115,7 @@
int auto_detect_line_endings;
int default_socket_timeout;
char *user_agent;
+ char *user_stream_current_filename; /* for simple recursion protection */
} php_file_globals;
#ifdef ZTS
Index: php4/main/streams.c
diff -u php4/main/streams.c:1.82 php4/main/streams.c:1.83
--- php4/main/streams.c:1.82 Wed Sep 25 11:25:12 2002
+++ php4/main/streams.c Thu Sep 26 08:12:27 2002
@@ -20,7 +20,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: streams.c,v 1.82 2002/09/25 15:25:12 wez Exp $ */
+/* $Id: streams.c,v 1.83 2002/09/26 12:12:27 wez Exp $ */
#define _GNU_SOURCE
#include "php.h"
@@ -1988,7 +1988,7 @@
int free_msg = 0;
if (wrapper) {
- if (wrapper->err_count) {
+ if (wrapper->err_count > 0) {
int i;
size_t l;
int brlen;
@@ -2038,6 +2038,7 @@
if (wrapper->err_stack)
efree(wrapper->err_stack);
wrapper->err_stack = NULL;
+ wrapper->err_count = 0;
}
#if ZEND_DEBUG
if (stream == NULL && copy_of_path != NULL)
Index: php4/main/user_streams.c
diff -u php4/main/user_streams.c:1.22 php4/main/user_streams.c:1.23
--- php4/main/user_streams.c:1.22 Mon Sep 23 14:18:40 2002
+++ php4/main/user_streams.c Thu Sep 26 08:12:27 2002
@@ -17,10 +17,11 @@
+----------------------------------------------------------------------+
*/
-/* $Id: user_streams.c,v 1.22 2002/09/23 18:18:40 wez Exp $ */
+/* $Id: user_streams.c,v 1.23 2002/09/26 12:12:27 wez Exp $ */
#include "php.h"
#include "php_globals.h"
+#include "ext/standard/file.h"
static int le_protocols;
@@ -137,6 +138,13 @@
int call_result;
php_stream *stream = NULL;
+ /* Try to catch bad usage without prevent flexibility */
+ if (FG(user_stream_current_filename) != NULL && strcmp(filename,
+FG(user_stream_current_filename)) == 0) {
+ php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "infinite
+recursion prevented");
+ return NULL;
+ }
+ FG(user_stream_current_filename) = filename;
+
us = emalloc(sizeof(*us));
us->wrapper = uwrap;
@@ -206,6 +214,8 @@
zval_ptr_dtor(&zmode);
zval_ptr_dtor(&zfilename);
+ FG(user_stream_current_filename) = NULL;
+
return stream;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
